I am writing a service that talks to Alfresco Core repository using Apache Chemistry opencmis library and need to authenticate through SPNEGO. Cmis library requires me to provide custom authentication provider which so far doesn't work for me. So far I came up with following:
public class KerberosAuthProvider extends AbstractAuthenticationProvider {
@Override
public Map<String, List<String>> getHTTPHeaders(String url) {
try {
String authToken = …. // generate token
Map<String, List<String>> headers = Maps.newHashMap();
headers.put("Authorization", Lists.newArrayList("Negotiate " + authToken));
return headers;
} catch (Exception ex) {
throw new IllegalStateException("Couldn't get token", ex);
}
}
}
I will appreciate any suggestions.
This is correct implementation. I was not generating token correctly so was denied access. I have used WireShark to confirm the Authorisation header was added to cmis request.